Access systems are well known in the art of security. Most common access systems involve a step of comparing something from or of an individual with a reference value. For example, a well-known method of securing access involves providing a password to a data entry point. The password is then hashed and compared to a reference value. When the comparison indicates that the entered password was valid for access, then access is provided.
Hashing of the password before comparison with a reference value provides two benefits. Firstly, the value is obfuscated if it is to be provided via an unsecure path. Secondly, the reference value can be stored in a hashed fashion preventing access thereto from resulting in a security breach; anyone accessing the reference value only has access to the hashed value and not to the actual password.
In biometric registration, there is a considerable concern over access to biometric information. Since biometric information is treated as static—unchanging—information, it is important that the information is safeguarded from unauthorized access. Therefore, the above noted method is useful in biometric information characterization for preventing access to the biometric information itself.
Unfortunately, biometric information is not provided in a completely static fashion. Though a fingertip, for example, does not change substantially over the course of a day, each fingerprint captured is different. Sometimes, fingerprints are very different. Thus, hashing of a fingerprint is not as easily performed for supporting the same method as is known for use with passwords. In order to successfully support the same method, each fingerprint would essentially need to be captured identically—something that is impossible. Otherwise, each fingerprint must be processed to align it with the reference data in precise repeatable known fashion.
A common method of fingerprint alignment involves extracting an identifiable feature—commonly the core—and transforming the image such that the core is positioned and oriented in a predetermined manner. Then, all extracted and subsequently hashed feature data is comparable to the enrolled fingerprint data. Unfortunately, core alignment is not sufficiently accurate to support extremely reliable fingerprint recognition. An alternative solution for aligning fingerprint data is to provide the reference data in its raw form to the image capture system and then to overlay the images to ensure accurate alignment. Unfortunately, this is very limited since it provides the biometric information in an available fashion from the reference value storage medium Such methods are discussed in patent application WO 01/11577 and WO 01/84494, both assigned to Precise Biometrics. In these references, methods are disclosed wherein a processor external to the smart card pre-processes biometric information to extract therefrom a small subset of the biometric information—a portion of an image of a fingerprint—in order to reduce the amount of processing required on a smart card processor.
In patent application WO 01/11577, it is disclosed to transmit a subset of biometric information in the place of a personal identification number (PIN) that is commonly used to access information stored on a smart card. In reality, the subset of biometric information becomes the new PIN and is merely a larger PIN that is more difficult to guess. That said, once the PIN is guessed successfully, security of the smart card is compromised and the device and method are rendered useless. Also, the use of a subset of, for example, a fingerprint image as a PIN is difficult, since fingerprints and other biometric information sources are not truly repeatably sensable.
In patent application WO 01/84494, it is disclosed to transmit to a first host processor a portion of the stored biometric information sample for use in alignment and subset extraction. A pre-processed subset is provided to a smart card, and only a small portion of the original data sensed from the biometric information sample of the authorized user requires processing on the smart card. The reduced amount of data for processing by the smart card processor results in a reduced processing time and, as such, enhances performance. Unfortunately, the data provided from the smartcard in fingerprint data and it is typically undesirable to freely distribute fingerprint data as public data.
The above-described limitations of the prior clearly indicate the need for a method, which allows for preprocessing of fingerprint data before a comparison with an enrollment template is made, but according to which no sensible or characteristic data is surrendered. Preferably, the information transmitted from a smart card to a host processor, when intercepted, does not contain any direct information regarding the enrolled fingerprint template.